REFS-A Risk Evaluation Framework on Supply Chain

Abstract

Large, powerful corporations were formerly solely and exclusively responsible for supplies, manufacturing, and distribution; however, the supply chain has undergone significant transformations over the last half-century. Almost all supply chain processes are currently outsourced, owing to the initiatives of cutting-edge, contemporary businesses. According to a compilation of studies, analysts, and news sources, the level of risk associated with modern supply chains is considerably higher than the majority of supply chain managers believe. Supply chain vulnerabilities continue to pose a substantial obstacle for a great number of organizations. Neglecting to adequately address these risks—encompassing natural disasters, cyber assaults, acts of terrorism, the credit crisis, pandemic scenarios, and war—could result in substantial reductions in metrics such as profitability, productivity, revenue, and competitive advantage. Unresolved concerns persist with respect to the risk assessment of the supply chain. The purpose of this article is to propose a framework for risk evaluation that can be efficiently applied to the evaluation of hazards within the supply chain. This research study significantly enhances the existing knowledge base by offering supply chain managers a pragmatic tool to evaluate their processes, regardless of the mathematical foundations or the variety of variables utilized in risk assessment. The outcomes of multiple aggregation methods are compared using a case study from an automotive EMS production; the conclusions are validated by risk and FMEA specialists from the same factory.

1. Introduction

In the past decade, numerous organizations have incurred expenses amounting to hundreds of millions of dollars or euros due to unforeseen disruptions and weaknesses in their supply chains. At the heart of these problems is the absence of dependable mechanisms to identify and effectively mitigate the escalating supply chain risks that result from increased global interconnectedness. As a consequence, the evaluation of supply chain risk is progressively gaining importance. There has been an exponential increase in the quantity of risk analysis papers published since the beginning of the century [1]. Considering the number of scholarly articles dedicated to the most widely used risk analysis techniques and pragmatic implementations of FMEA in diverse domains, the supply chain would rank last on this list [1]. Notwithstanding this, a multitude of concerns pertaining to the FMEA methodology continue to be unresolved in the recently published FMEA (released in [2]). In regard to supply chain risk analysis, uncharted territories still remain.

The evaluation and selection of suppliers are critical components of the supply chain. Dickson established the initial classification system in 1966 [3], and Cheraghi subsequently revised it in 2011 [4]. Huang et al. [1] published a systematic literature review in 2021 that demonstrates the exponential growth of risk analysis publications over the past two decades. Keyword analysis reveals that “FMEA”, “system”, “risk evaluation”, “criticality analysis”, and “failure mode” have risen to prominent positions. Similar findings were published by Liu et al. [5] in 2013. It can be concluded that the FMEA continues to be the most widely utilized tool for risk assessment; however, it is presently employed in conjunction with alternative evaluation approaches [1,5].

Multiple authors [6,7,8] have examined the reasons behind the limited use of FMEA and other risk analysis methods in the supply chain. The researchers conducted an analysis and successfully identified the main factors: the main difficulty impeding wider deployment appears to arise from a lack of understanding of how to apply FMEA within a supply chain environment.

Numerous scholarly articles have highlighted the limitations of the FMEA [5,9,10,11]. As a result, the FMEA was revised through a collaborative effort between AIAG and VDA. The AIAG-VDA FMEA 1st Edition, a novel FMEA framework, was published in the year 2019 [2]. The recent update to the system includes the addition of a chapter titled “Monitoring and System Response”. In this update, the Risk Priority Number (RPN) has been replaced with Action Priority Tables. Furthermore, a comprehensive approach consisting of seven steps, namely: planning, structure analysis, function analysis, failure analysis, risk analysis, optimization, and documentation of results has been implemented. The utilization of the Severity (S), Occurrence (O), and Detection (D) scales persists, and it is advisable for the team to evaluate them in a manner consistent with a conventional FMEA. The utilization of the Action Priority Level, which is determined based on the values of the S, O, and D components from a designated Action Priority (AP) Table, has replaced the use of RPN. The suggested table for AP levels is derived from the values assigned to the components S, O, and D. However, it is subject to modification based on factors such as the nature of the business, the specific process, or the industry involved. The AP table delineates the instances in which the organization is authorized to initiate action, as opposed to the responsibility falling upon the FMEA Team. No action is required for Low AP levels, while any lack of action for Medium AP levels should be adequately justified. In the case of High AP levels, immediate action must be taken to mitigate the risk. This suggests that instead of relying on the RPN value, the actions are selected based on the specific values of the factors. Regrettably, as demonstrated in

Table A6. A detail from the standard and new FMEA analysis results for 3 factors.

No	Process	Sub-Process	Failure mode	Effect	O	S	D	RPN	AP
1	handling	at supplier	damaged	stop prod/cust	2	9	9	162	H
2	handling	during transp	damaged	stop prod/cust	2	9	7	126	M
3	handling	during uploading	damaged	stop prod/cust	2	9	7	126	M
4	handling	during downloading	damaged	stop prod/cust	2	9	7	126	M
5	handling	delay(nat.hol)	delay in production	stop cust or delay	1	7	7	49	M
6	transport	delay traffic	delay in production	stop cust or delay	1	9	6	54	M
7	transport	delay disaster	delay in production	stop cust or delay	1	10	6	60	M
8	transport	accident	delay in production	stop cust or delay	1	10	6	60	M
9	mat.ordering	order mistake	stop production	stop customer	1	10	6	60	M
10	IT system	IT failure	system error	stop customer	1	10	6	60	M
11	WH	mat.ordering	mat shortage at reseller or supply	stop customer	1	10	6	60	M
12	WH	mat.ordering	mat. shortage market situ	stop customer	1	10	6	60	M
13	WH	mat.ordering	distrib WH issue	stop customer	1	10	6	60	M

, the current system is incapable of accurately discerning the actual amount of risk.

It may be inferred from the existing body of research that the supply chain industry uses risk analysis methods that closely resemble those employed in various other domains. The authors exclusively employ the FMEA [12,13,14] assessment technique, or a modified version of FMEA with factors limited to 5 levels instead of 10 [15]. Alternatively, they utilize mixed evaluation techniques such as Fuzzy-FMEA [11,16,17,18,19], Fuzzy-AHP [20,21], FMEA-ANP [22], or Fuzzy Bayesian-based FMEA [14]. Fuzzy FMEA [19] is considered the second most often utilized risk analysis technique, following the FMEA method. The three membership functions commonly utilized in Fuzzy FMEA are triangular, trapezoidal, and Gaussian [23,24,25].

The conventional approach for assessing supply chain risk predominantly involves employing the FMEA framework, which incorporates three key factors: Severity, Occurrence, and Detection. A limited number of authors argue against the adequacy of three factors and instead propose the utilization of models that incorporate either four (expense, time, flexibility, and quality) [26] or five (likelihood, consequence of time/delay, consequence of additional expense, consequence of damage to quality, and visibility) [27] factors. In the present case, commonly employed variables were assessed, namely Visibility and Consequence, with the latter being determined by the provider’s delay, the cost associated with the supplier, and the quality of the given components.

In the context of supply chain risk analysis, new factors have emerged, such as Quality, Time, Cost [14,26], Intensity [13], Consequence [8], Effect, Cause, Measure [28], and others.

The multiplication aggregation function remains the most commonly employed way for analyzing the usage of aggregation functions [6,7,8,21,28]. The second approach integrates Fuzzy analysis with FMEA [11,16,17,20].

Organizations, irrespective of their business, are clearly susceptible to both internal and external threats that might disrupt their supply chain. This document provides a limited selection of illustrative examples instead of a comprehensive collection of all possible failures. A preliminary example was created at the manufacturing facility where the case study was conducted and is represented by the subsequent enumeration. The framework integrates perspectives obtained from comprehensive industry expertise, audit results from both internal and external sources, instructor lectures during educational sessions, analysis of current events, and customer queries. Similar works published by subsequent authors [29,30,31,32] further contributed to the expansion of our knowledge and were duly incorporated into our knowledge base.

Internal supply chain interruption can potentially arise due to:

• Instances of internal operational disruptions;
• Instances of significant management, staff, and operational procedure changes;
• Instances of failure to implement contingency plans in response to problems;
• Instances of inadequate implementation of cybersecurity policies and controls leading to cyberattacks and data breaches;
• Instances of non-compliance with labor laws or environmental standards;
• Instances of unavailability of products to meet customer demands (attributable to inventory issues, ERP system malfunctions, human errors, etc.).

The external supply chain risk might arise due to factors such as:

• Unpredictable or misunderstood consumer demand;
• Delays in the transportation and distribution of commodities, encompassing many types such as components, finished products, and raw materials;
• The potential risks posed by terrorism, armed conflict, economic or political penalties, as well as social, governmental, and economic challenges;
• The management of supplier risk includes concerns regarding the physical infrastructure and regulatory compliance of a supplier;
• Natural disasters, such as tornadoes, hurricanes, floods, droughts, landslides, and earthquakes;
• Human errors occur at all levels and in all locations.

The above list serves as an exemplification of the types of factors that ought to be taken into account; nevertheless, they should be considered in light of the region’s past supply chain issues, trends, and potential challenges.

In summary, a pertinent, functional, and adaptable instrument for performing supply network risk assessment is currently non-existent. It is imperative that supply chain managers and risk analysts have easy access to this instrument, considering the aforementioned activities and global developments that have an impact on the supply chain. The forthcoming instrument ought to enhance its efficacy in discerning credible threats, encompass a more extensive spectrum of risk factors surpassing the present three boundaries, and uphold a degree of user-friendliness comparable to that of the conventional FMEA methodology.

To put constraints aside, it is frequently necessary to monitor a great number of factors; thus, a risk evaluation framework was developed in accordance with these concepts. It was also considered that numerous authors attempted to utilize alternative aggregation methods, such as Euclidean, multiplicative, additive, median, or other functions. Alternatively, they attempted to integrate FMEA with AHP, ANP, TOPSIS, or other methodologies, frequently employing Fuzzy logic. Combining the aforementioned, the TREF method was developed [33,34] in response to these articles. TREF now was expanded to include a Fuzzy-FMEA function with multiple factors. The issue at hand pertains to the optimal aggregating function. This is an attempt to be answered in the article.

This article in Section 1 conducts an extensive literature review on techniques for managing risks in supply chains and provides a concise overview of the many types and levels of factors that are taken into account. Section 2 of the article explores further methods of aggregating several risk factors, namely more than three, by expanding on the commonly used Failure Mode and Effects Analysis (FMEA) as a fundamental framework. The framework is improved by integrating the Fuzzy-FMEA methodology. Furthermore, this study undertakes a comparative analysis of various risk analysis methodologies within the context of the flexible TREF-based risk evaluation framework. The techniques are graded using the TOPSIS algorithm in the following manner. Section 3 provides a clear set of instructions for effectively putting the concept into practice. Section 4 presents a case study that examines the analysis of supply chain risks in an automotive manufacturing service organization as a Tier 2 supplier. Section 5 provides an exposition of the findings obtained from this case study.

2. Mathematical Background

Several authors acknowledged in the preceding chapter that three factors are insufficient for a comprehensive risk assessment. As the number of factors increases, the aggregation function becomes more intriguing. The same limitations that are evident in the FMEA become apparent when employing multiplicative aggregation, which is the same logic as the aggregation function in the FMEA. As a result, the research investigates the criteria that define an aggregation function, the various types of aggregation functions that can be employed, and the benefits and drawbacks of these functions in the context of risk assessment.

2.1. Aggregation Functions Criteria

In the study conducted by the authors in [35,36,37], various aggregating functions were examined. Aggregation functions necessitate several conditions [38,39], including validity, monotonicity, sensitivity, symmetricity, linearity, scale fit, and scale endpoint identity.

• Validity: Consider the manner in which the risk emanates from the constituents.

  $$F:{\mathbb{I}}^n\to \mathbb{R};x\in {\mathbb{I}}^n;a,b\in \mathbb{R};F\left(x\right)=a,\mathrm{and}F\left(x\right)=b\Rightarrow a=b$$

  (1)
• Monotonicity: refers to the property of a function where it exhibits non-decreasing behavior, meaning that it yields a non-negative reaction to any increase in its arguments. In other words, the function does not reduce its output value when any input value is increased.

  $$F:{\mathbb{I}}^n\to \mathbb{R}x,x^{\prime }\in {\mathbb{I}}^n,x\ge x^{\prime }\Rightarrow F\left(x\right)\ge F\left(x^{\prime }\right)$$

  (2)
  The membership functions and the defuzzification function employed in this study exhibit monotonic characteristics.
• Sensitivity refers to the degree of responsiveness or reactivity exhibited in a certain context. In the specific scenario of rigorous monotonicity, sensitivity pertains to the extent to which a change in one variable directly and consistently influences a change in another variable.

  $$F:{\mathbb{I}}^n\to \mathbb{R}i\in \left[n\right]F\left(x\right)\ne F(x+\lambda )x\in \mathbb{I},\lambda \ne 0x+\lambda \in \mathbb{I}$$

  (3)
• The property of symmetricity, also known as commutativity, is true when the components or elements of a distribution follow a symmetric distribution. In such cases, the distribution of the aggregated values also exhibits symmetry. This property is also observed in the Fuzzy functions employed.

  $$F:{\mathbb{I}}^n\to \mathbb{R}F\left(x\right)=F\left(\right|x\left|\right)$$

  (4)
• Linearity refers to the property where, in the scenario of components or factors adhering to a uniform distribution, the resulting distribution of the aggregated values will also exhibit uniformity.
• Scale fitting: The aggregate processes should be conducted using the scale values that have been applied. This criterion is also met as the range of each factor is identical.
• Scale endpoint identity: In order to adhere to the boundary criteria, the endpoints of the scales were modified to fall within the interval [1, 10]. This adjustment was important as it ensured that each factor’s potential values were defined within the same range.

2.2. Risk Aggregation Functions

Definition 1.

Let $\mathbf{f}={[f_1,f_2,\dots ,f_n]}^T$, $(n\ge 3,n\in \mathbb{N})$ be the vector representing the set of risk factors. Let $r=S\left(\mathbf{f}\right)$ represent the resulting risk value, where S is a monotonous aggregation function. The risk aggregation protocol (RAP) is denoted as $(\mathbf{f},S)$.

Remark 1.

It is commonly assumed that the risk factors $f_i$ and $f_j$, where $(i\ne j)$ are independent of one another. Nevertheless, the proposed RAP does not need its independence.

According to the provided definition, the quantity of factors, including severity, detection, incidence, cost, and others, is denoted by the variable $n\in \{3,4,5,\dots \}\in \mathbb{N}$. The risk ranking numbers, denoted as $f_i\in \{1,2,\dots ,10\}$ are related to factor i. This input will be employed by aggregation functions to evaluate each risk case.

Several instances of aggregation functions S are as follows, along with their respective output ranges:

• $S_1\left(\mathbf{f}\right)={\prod }_{i:=1}^n{f}_i$ is the geometric mean of risk factors. If n = 3, and the factors are severity, occurrence, and detection, we have the original RPN (risk priority number) from the FMEA. $S_1\left(\mathbf{f}\right)\in \left[1,{10}^n\right]\in \mathbb{N}$
• $S_2\left(\mathbf{f}\right)=Median\left(\left\{\mathbf{f}\right\}\right)$ is the median of risk factors. $S_2\left(\mathbf{f}\right)\in \left[1,10\right]\in \mathbb{N}$
• $S_3\left(\mathbf{f}\right)=\frac{1}{n}{\sum }_{i:=1}^n{f}_i$ is the average of risk factors. $S_3\left(\mathbf{f}\right)\in \left[1,10\right]\in {\mathbb{R}}^{+}$
• $S_4\left(\mathbf{f}\right)=\sqrt{{\sum }_{i:=1}^n{f}_i^2}$ is the generalized n-dimensional radial distance of risk factors. $S_4\left(\mathbf{f}\right)\in \left[\sqrt{n},10\sqrt{n}\right]\in {\mathbb{R}}^{+}$
• $S_5\left(\mathbf{f}\right)=$ Aggregation of Fuzzy membership functions based on rule base. In this case, the output function range depends on the defuzzyfication function established by user, and can be in any prespecified range.

The utilization of risk analysis inside the supply chain is not as prevalent as it ideally should be, primarily due to a lack of competence among purchasing, procurement, and logistics managers, as stated in the preceding chapter. The risk assessment framework, known as [33], has undergone an expansion to incorporate a fuzzy module. This addition has been implemented to effectively address the issue at hand.

2.3. Implementation of Fuzzy

The methodology employed in the previously disclosed fuzzy aggregation function will not be altered. Fuzzy logic comprises three distinct phases, with the initial one being Fuzzyfication/Fuzzyfier. In this phase, the factors (crisps) are converted into fuzzy input variables in the form of membership functions. The subsequent process, Inference, produces output fuzzy variables by utilizing the fuzzy rule base to ascertain which control actions ought to be executed in light of the fuzzy input variables. This constituent could potentially be considered an aggregation protocol. In the concluding phase, Defuzzyfication/Defuzzifier, the produced output is transformed back into genuine output variables, namely the value and/or risk level.

2.3.1. Fuzzyfication/Fuzzyfier

Initially, it is necessary to define the input fuzzy variables by employing the input membership functions. This implies that fuzzy membership functions should be used to convert each risk factor into an input fuzzy variable. The designation for these values is “crisps”. A multitude of linguistic variables influence the number of membership functions associated with a given variable. Typically, Fuzzy FMEA utilizes three to seven linguistic variables [40,41]. It is possible to incorporate additional variables; however, in the given context, the rule base became exceedingly intricate. In the beginning, the input fuzzy variables must be defined through the utilization of input membership functions. Accordingly, each risk factor should be converted into an input fuzzy variable utilizing fuzzy membership functions. These qualities are referred to as “crisps”. The number of membership functions attributed to a specific variable is influenced by an abundance of linguistic variables. Fuzzy FMEA generally employs between three and seven linguistic variables [40,41]. Although it is feasible to include further variables, doing so would have rendered the rule base significantly complex in the given context.

At the beginning and end of the interval, the sigmoid function was implemented:

$$\mu {(x,a,b)}_{sigu}=\left\{\begin{array}{c}0,x\le a\\ \frac{1}{1+e^{a(x-b)}},& \mathrm{any}\mathrm{other}\mathrm{case}\end{array}\right.$$

(5)

$$\mu {(x,a,b)}_{sigd}=\left\{\begin{array}{c}1-\frac{1}{1+e^{a(x-b)}},x\le a\\ 0,& \mathrm{any}\mathrm{other}\mathrm{case}\end{array}\right.$$

(6)

where a is the steepness of function, and b is the inflection point.

For each range within the interval, the bell/splay function is applied:

$$\mu {(x,a,b,c)}_{spl}=\frac{1}{1+|\frac{x-b}{a}{|}^{2c}}$$

(7)

where b is the center of function, a is the width of curve and c is the steepness of function.

Both the splay and bell are Gaussian membership functions that were selected due to their smoothness, non-zero value at all point intervals, continuous differentiability, and mathematical and computational tractability [25].

As illustrated in Figure 1, for $n=5$ (5 linguistic levels), in accordance with its original score or crisp, each component is converted into the sum of n membership functions.

$S_i\left({\mathbf{f}}_{\mathbf{i}}\right)$$={\sum }_{i:=1}^n{\mu }_i\left(x\right)$, $x\le$ 10 and $x\in {\mathbb{R}}^{+}$, other variables of membership functions are constants ( $a,b,c$).

Each factor will have its own sum of membership functions, noted $S_i\left({\mathbf{f}}_{\mathbf{i}}\right),$ $f_i\in$$\{1,2,\dots ,10\}\in \mathbb{N}$, representing the ranking of risk converted in a number.

2.3.2. Fuzzy Rule Base

An analogy can be drawn between the sum of the fuzzy membership functions and the accumulation of factors comprising the fuzzy rule base. The literature also contains considerable variation regarding the selected aggregation method for fuzzy sets: only sums, products, maximal functions, or the Mamdani Fuzzy Inference (MFI) are employed due to the more comprehensible and intuitive nature of their rule bases. The MFI functions optimally in expert system applications in which the norms are established based on the expertise possessed by human beings. The input of this aggregation consists of fuzzy sets, and the output is also a fuzzy set. The output is determined by the center of mass or gravity, and the rule basis is a simple IF-THEN structure. An instance of this can be described as follows:

$$W_i\left({\mathbf{S}}_{\mathbf{i}}\right)=S_1\left({\mathbf{f}}_{\mathbf{i}}\right)\otimes S_2\left({\mathbf{f}}_{\mathbf{j}}\right)\otimes \dots \otimes S_n\left({\mathbf{f}}_{\mathbf{n}}\right)$$

(8)

where ⊗ is the aggregation protocol.

2.3.3. Defuzzyfication

The final phase entails the transformation of the amount of risk from a fuzzy state to a crisp state. In this phase, the determination of risk level will be achieved by converting the membership functions in real numbers. Several viable defuzzification strategies, including:

• Center of gravity of area—see Figure 2;
• Bisector of area refers to a vertical line that partitions a fuzzy set into two sub-regions of equivalent area. The phenomenon in question may exhibit alignment with the center of gravity, however this correlation is not universally observed;
• Mean of Max level;
• Largest of Max—the max value of the highest output membership function;
• Max—the max limit value achieved by any output function;
• Smallest of Max—the lowest value of the highest output membership function;
• Low—is the lowest value achieved by any output function.

The computation of the center of gravity of the membership function is performed, considering the factor’s value, and subsequently, the results are aggregated.

$$x_i=\frac{\int {\mu }_C\left(x\right)xdx}{\int {\mu }_C\left(x\right)dx}$$

(9)

$\int {\mu }_C\left(X\right)dx$ represents the measure of the region enclosed by the membership function C. If the parameter ${\mu }_C$ is established based on multiple discrete membership functions, the center of gravity can be mathematically represented as the summation of these functions.

$$x_i=\frac{{\sum }_{i=1}^N{\mu }_C\left(x_i\right)x_i}{{\sum }_{i=1}^N{\mu }_C\left(x_i\right)}$$

(10)

In actuality, it is feasible to explicitly determine the center of gravity of membership functions by clearly describing the functions. The following diagram presents a visual representation of the methodologies employed in the calculation of accurate output (Figure 2).

The case study detailed in Section 4 employs the center of gravity methodology.

It can be asserted that the chosen and implemented fuzzy function, which includes the defuzzification process with the exception of sensitivity, satisfies every one of the six criteria previously outlined as prerequisites for an aggregate function. Given that the input values consist of natural numbers ranging from [1, 10], this aspect becomes relatively inconsequential (Section 2.1).

2.4. Evaluating the Results of Used Aggregation Functions

Two approaches appeared viable for comparing the outcomes produced by the aggregating functions. One is when the range of output arguments of functions is set to be identical; this is typically resolved by multiplying the values by a constant. This was promptly abandoned due to the potential complexity that the behavior of the functions would have introduced to the situation. An alternative approach entails comparing the output values generated by distinct aggregating functions in the same order in which they assign equivalent risks. This methodology will be further implemented, elucidated in the validation methodology, and will be applied in the case study.

2.4.1. Rank Correlation

The Spearman’s rank correlation coefficient is a statistical measure that quantifies the strength and direction of the association between two variables:

$$r_s=1-\frac{6{\sum }_{i=1}^N{(R_{X_i}-R_{Y_i})}^2}{N(N^2-1)}$$

(11)

where $R_{X_i}$ and $R_{Y_i}$ represent the ranks of the first and second variables, respectively. The sign and magnitude of the value both fall within the range of $[-1;+1]$.

2.4.2. TOPSIS (Technique for Order Preference by Similarity to Ideal Solution)

The application of a multi-criteria decision analysis technique will be employed to evaluate a set of alternatives and ascertain the ranking of the risk analysis models implemented. The TOPSIS method chooses the alternative that has the shortest geometric distance from a positive ideal solution and the greatest geometric distance from a negative ideal solution [42].

Let A represent the pairwise comparison matrix for factors as follows:

$$A=\left(\begin{array}{ccc}{a}_{11}& \cdots & a_{1n}\\ \cdots & \cdots & \cdots \\ a_{n1}& \cdots & a_{nn}\end{array}\right)$$

(12)

where $a_{ij}$ are the judgement scores, considering $a_{ij}=1/a_{ji}$, and $a_{ii}=1$. This matrix is normalized with:

$$k_{ij}=\frac{a_{ij}}{{\sum }_{j=1}^n{a}_{ij}}$$

(13)

The local weight resulting:

$$w_i=\sum _{j=1}^n\frac{k_{ij}}{n}$$

(14)

The variables $h_i$ are used to represent the risk incidents, where i ranges from 1 to n. Similarly, the variables $f_j$ are employed to designate the TOPSIS evaluation criteria, with j ranging from 1 to m. The variable $x_{ij}$ represents the numerical results of the alternative $h_i$ with respect to the criteria $f_j$.

The formula for the normalized decision matrix can be expressed as follows:

$$d_{ij}=\frac{x_{ij}}{\sqrt{{\sum }_{j=1}^m{x}_{ij}^2}}$$

(15)

The weighted normalized decision matrix elements can be generated as follows:

$$V_{ij}=w_i\times d_{ij}$$

(16)

The ideal best solution $V_j^{+}$ and ideal worst solution $V_j^{-}$ are determined by aggregating the highest and lowest values of each criterion.

For beneficial criteria:

$$V_j^{+}=max\left[V_{ij}\right]V_j^{-}=min\left[V_{ij}\right]$$

(17)

For non-beneficial criteria:

$$V_j^{+}=min\left[V_{ij}\right]V_j^{-}=max\left[V_{ij}\right]$$

(18)

Euclidian distances are measured from the ideal best ($S_i^{+}$) and ideal worst ($S_i^{-}$) values:

$$S_i^{+}=\sqrt{{\displaystyle {\sum }_{j=1}^m}{(V_{ij}-V_j^{+})}^2}{S}_i^{-}=\sqrt{{\displaystyle {\sum }_{j=1}^m}{(V_{ij}-V_j^{-})}^2}$$

(19)

The performance score (relative closeness to the ideal solution) can be calculated:

$$P_i=\frac{S_i^{-}}{S_i^{+}+S_i^{-}}$$

(20)

The ranked options are subsequently arranged in descending order as the final step.

This methodology is suitable for pairwise correlation analysis, specifically when the number of variables being compared does not exceed seven. Implementing this strategy gets problematic in situations where there are more than ten hazards, which is a frequently seen phenomenon in real-world scenarios. An illustration depicting the initial use of the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) may be observed in the [43] context.

When evaluating a case that involves more than seven significant individual hazards, it is recommended to engage a team of experts who possess comprehensive expertise regarding the consequences associated with each risk. The individuals possess the capability to produce a matrix that facilitates the rating of effects, dangers, and impacts, alongside another matrix that enables the evaluation of results. One can utilize RSTUDIO to input both matrices and calculate their ranks using the TOPSIS algorithm [44]. This methodology will be represented in Section 4 Step 6 & 7 and in the case study ( Section 5).

3. Designing Steps for Practical Implementation and Validation

This chapter elucidates the practical application of the aforementioned theory. It is crucial to highlight that risk analysis is a qualitative approach that necessitates the involvement of a qualified team or teams. This team should include representatives from all areas of risk and the respective departments responsible for analyzing and evaluating them. Certain industries, like the automotive sector, have a competitive edge due to their reliance on specialized teams who collaborate closely through the entire product life cycle, from design to mass production to end-of-life.

Figure 3 illustrates the steps of evaluation, which are utilized in both the subsequent analysis of the theoretical framework and the case study.

Step 0—Forming the Team: An assemblage of experts with specialized knowledge in logistics, quality management, risk assessment, evaluation, and mitigation, including all relevant departments such as finance/controlling or others, should be formed. Many firms already own risk assessment teams, such as the FMEA team in the automotive sector, which is mandated by the IATF16949:2016 [45] QMS standard. It is crucial that this team demonstrate dedication and possess the appropriate expertise to thoroughly test, assess, and validate the risk strategy. The team composition should be adaptable, so that additional experts from different departments may join based on the analysis conducted. Although referred to as Step 0, this essentially serves as the foundation of the evaluation approach.

Step 1—Hazards identification: This step is a comprehensive gathering of all supply chain concerns, encompassing claims, losses, and delays. It also involves analyzing news from a related business sector, including potential future events. It is imperative to consider the heightened vulnerability to cyber-attacks, dissemination of misinformation, potential conflicts, and climate fluctuations within the logistical network. If the business has conducted prior risk analyses, those should also be included in this gathering. Each input should be taken into consideration.

Step 2—Factors setting: The list from Step 1 should be used to identify the most accurate factors that describe the risk of organization, department, or process. This phase is exceptionally challenging. The factors included in the FMEA, namely detectability, severity, and occurrence, serve as a solid foundation. However, if there are other elements within these that can enhance our ability to precisely characterize the associated risk, they should be incorporated. In addition to the three previously mentioned factors, supply chains also utilize various other elements such as quality, time, cost, intensity, consequence, effect, cause, and measure. The quantity of factors is contingent upon the intricacy of the business or logistic procedures, traffic patterns, business affiliations, and other pertinent considerations (ex. sustainability, energy saving, …). It is imperative to assess these factors on a case-by-case basis for each company, as the level of risk may vary depending on factors such as geographical location, supply chain network pattern, technological infrastructure, workforce availability and expertise, environmental conditions, core technological capabilities, political/economical/regional stability, etc. If a novel component can enhance the risk analysis from the perspective of the organization’s functioning, it is recommended to utilize it. It is important to note that the elements should be linked to specific levels, which are ideally defined by the organization. However, it is recommended that the number of levels should be an even number. Typically, 10 levels are employed, although there is flexibility to differ from this standard.

Step 3—Risk assessment: In this section, we determine the levels of the factors for each risk. The FMEA manual contains specific guidelines for the Severity, Detector, and Occurrence settings in the level settings. For instance, if human detection is involved, the Detectability value must not be lower than 6. Similarly, in manufacturing, if certain areas or parameters are designated as SC (Significant Characteristic) or CC (Critical Characteristic) the Severity value must not be lower than 7. Such regulations can also be implemented for novel factors, particularly once the organization has gained proficiency in their utilization.

Step 4—Set aggregation methods: This step involves the selection of the aggregating functions that we intend to utilize for the purpose of analysis.

The standard FMEA will be utilized as a fundamental framework and point of comparison. Due to the inclusion of three levels (L, M, and H) in the revised FMEA, it is important to note that these levels serve solely as indicators for subsequent evaluation and are not intended for the purpose of risk prioritization. Due to this rationale, the analysis will not incorporate the new FMEA.

In the preceding FMEA, the term used to refer to this was Risk Priority Number (RPN). Organizations established a certain RPN level that necessitated action to decrease the risk. In the context of ISO9001:2015 [46], this threshold is typically regarded as the midpoint within the range of factors, resulting in a value of 125 for three factors ($5^3=125$). In the automotive industry, companies individually define this limit, which generally falls around 100 or lower, as determined by management. Moreover, when the most severe and imperceptible process flaw is amalgamated with a significantly low occurrence score, the Risk Priority Number (RPN) will amount to 100 (1 × 10 × 10), a value that falls below the commonly employed action criterion threshold by several firms. The implementation of the updated FMEA methodology will yield a slightly more accurate outcome. However, its effectiveness remains inadequate, as the risk level was merely the result of implementing risk mitigation measures. If individuals are not justified, it is imperative that they become justified.

Every organization has the autonomy to make a decision regarding whether to accept, mitigate, or acknowledge specific hazards. Based on the aforementioned information, the management of the company or the risk assessment team of experts can ascertain the specific aspects that accentuate the level of risk.

Section 2 provided a detailed presentation of numerous aggregation functions. However, it is possible to introduce additional aggregation functions that adhere to the criteria of aggregation functions.

Step 5—Evaluate the risk with each method: The risk level can be assessed by utilizing each of the selected aggregating functions.

Step 6—Order the results via TOPSIS method and by the experts: This pertains to the arrangement of outputs resulting from aggregating functions. This step comprises two components: the application of the TOPSIS algorithm for ordering and the ordering process conducted by the expert team members.

The determination of the ranking by the TOPSIS method, employing the weight technique. Upon doing risk analysis using the aforementioned six risk analysis functions, the resulting risk values are calculated and subsequently arranged in a certain order. This process enables the risk analysis functions to be compared with one another, marking the completion of Step 6.

Step 7—Evaluation and validation: The assessment of outcomes carries considerable significance at this phase, and requires meticulous and strategic preparation. The risk evaluation expert team was asked to form a committee including the most experienced individuals to assign incidents, disregarding the rankings already published or the outcomes of the risk assessment. This indicates that the indicated persons have a deficiency in understanding the output values of TOPSIS ranking and the results of the aggregation functions.

This committee will make a ranking effect matrix (see as example

Table A7. Ranking of effect by experts from EMS company.

No	C1	C2	C3	C4	C5	C6	C7	C8	C9	C10	C11	C12	C13	C14	C15	C16	C17	C18	C19	C20
C1	1	4.5	4	5	1	0.33	2	1	7.5	7	3	1.5	2.5	0.83	6	3.5	8.5	5.5	6.5	0.5
C2	0.22	1	0.83	1.2	0.25	0.17	0.33	0.25	3	2.5	0.5	0.33	0.5	0.2	1.5	0.67	4	2	2.5	0.25
C3	0.25	1.2	1	1.5	0.29	0.18	0.4	0.29	3.5	3	0.67	0.33	0.5	0.2	2	0.83	4.5	1.5	2.5	0.2
C4	0.2	0.83	0.67	1	0.22	0.15	0.4	0.29	3.5	3	0.67	0.33	0.5	0.2	2	0.83	4.5	1.5	2.5	0.2
5C	1	4	3.5	4.5	1	0.5	15	1.2	7	6.5	2.5	1	2	0.5	5.5	3	7.5	5	6	0.67
C6	3	6	5.5	6.5	2	1	3.5	2.5	9	8.5	4.5	3	4	1	7.5	5	9.5	7	8	1
C7	0.5	3	2.5	3	0.67	0.29	1	0.83	6.5	5	1.3	0.9	1.2	0.4	4	1.5	6.5	3.5	4.5	0.33
C8	1	4	3.5	4	0.83	0.4	1.2	1	6.5	6	2	1.2	1.5	0.67	5	2.5	7.5	4.5	5.5	0.5
C9	0.13	0.33	0.29	0.4	0.14	0.11	0.15	0.15	1	0.8	0.22	0.17	0.2	0.13	0.15	0.25	2	0.5	0.83	0.12
C10	0.14	0.4	0.33	0.5	0.15	0.12	0.2	0.17	1.25	1	0.25	0.18	0.22	0.13	0.83	0.29	3	0.67	0.91	0.13
C11	0.33	2	1.5	2	0.4	0.22	0.77	0.5	4.5	4	1	0.67	0.91	0.29	3	1.2	5	2.5	3.5	0.25
C12	0.67	3	3	3.5	1	0.33	1.11	0.83	6	5.5	1.5	1	1.2	0.5	0.22	2	6.5	4	5	0.4
C13	0.4	2	2	2.5	0.5	0.25	0.83	0.67	5	4.5	1.1	0.83	1	0.33	3.5	1.2	5.5	3	4	0.29
C14	1.2	5	5	5.5	2	1	2.5	1.5	8	7.5	3.5	2	3	1	6.5	4	8.5	6	7	0.83
C15	0.17	0.67	0.5	0.67	0.18	0.13	0.25	0.2	6.5	1.2	0.33	4.5	0.29	0.15	1	0.4	2	0.83	1.2	0.14
C16	0.29	1.5	1.2	1.5	0.33	0.2	0.67	0.4	4	3.5	0.83	0.5	0.83	0.25	2.5	1	5	2	3	0.22
C17	0.12	0.25	0.22	0.29	0.13	0.11	0.15	0.13	0.5	0.33	0.2	0.15	0.18	0.12	0.5	0.2	1	0.4	0.67	0.11
C18	0.18	0.5	0.67	0.77	0.2	0.14	0.29	0.22	2	1.5	0.4	0.25	0.33	0.17	1.2	0.5	2.5	1	1.2	0.15
C19	0.15	0.4	0.4	0.56	0.17	0.13	0.22	0.18	1.2	1.1	0.29	0.2	0.25	0.14	0.83	0.33	1.5	0.83	1	0.13
C20	2	4	5	6	1.57	1	3	2	8.5	8	4	2.5	3.5	1.2	7	4.5	9	6.5	7.5	1

) and the impact matrix (see also an example

Table A9. Evaluation of impacts in all risk cases based on ranking matrix.

No	C1	C2	C3	C4	C5	C6	C7	C8	C9	C10	C11	C12	C13	C14	C15	C16	C17	C18	C19	C20
Eval	−	+	+	+	−	−	−	−	+	+	−	−	−	+	−	+	+	+	+	−

) using their respective scores. The precision of these matrices is of utmost importance as it exerts a substantial influence on the final result. This implies that the perspectives of a specific cohort of specialists with substantial expertise in evaluating the relative effects of each approach should be considered.

The validation of the method involves comparing the results of the committee with the ranking made via TOPSIS. If it coincides, that will be the best aggregation function that can be used by the organization.

The risk assessment is conducted using individuals, thereby yielding qualitative data. Applying any aggregating function to these values yields a qualitative outcome, irrespective of the mathematical functions used to rank the data, such as AHP, TOPSIS, etc. Nevertheless, by conducting the same comparison using the most seasoned experts from the risk analysis team and employing the aforementioned comparative mathematical tools, the outcome should be identical. The occurrence of human error can be mitigated by conducting this study again with the group. Using this method, the most appropriate aggregating function for risk analysis within the organization.

4. Case Study

The experimental study is focused on an electronic manufacturing services (EMS) supplier. Conducting testing within the comprehensive supply chain offers several advantages owing to the central location of this EMS (see Figure 4).

In certain instances, manufacturers $\left(S_x\right)$ or, in extreme circumstances, direct customers $\left(C_x\right)$ are occasionally chosen as the source for larger quantities of raw materials or components, despite the customary practice of EMS firms to procure them via distributors $\left(D_x\right)$. This holds particularly true in cases when the design of the final product is still undergoing development or when it becomes imperative to conduct tests on updated components. To facilitate the installation of these units by original equipment manufacturers (OEMs), the EMS delivers the goods to direct customers $\left(C_x\right)$. Subsequently, these customers engage in further processes, such as the development of more intricate modules, testing, and programming.

Under some circumstances, the EMS may also provide the carmaker with goods directly, as indicated by the $EMS-O_x$ connection in Figure 4. The instances of $S_x$ and $D_x$ have been simplified in the EMS. They are treated as a single node or “location” because the EMS communicates with them through their Distribution Centers or Offices, even though they consist of several factories/locations. Various logistical groups play a crucial role in facilitating the transportation of products between different nodes throughout the process. This case study offers a comprehensive opportunity to analyze a wide range of supply chain issues.

The automotive industry places significant importance on the availability of raw materials for manufacture, ensuring that they are provided at the appropriate time, quantity, and quality. Additionally, the industry recognizes the need for problem-free production, which is not the focus of this study, and the timely and accurate delivery of products to customers. Any departure from this stipulation leads to supplementary costs or a decrease in revenue.

A team of professionals specializing in logistics, quality management, risk assessment, finance/controlling, and FMEA was assembled within the EMS firm. The primary objective of this team was to conduct comprehensive testing, analysis, and validation of the entire approach.

Step 1—Hazards identification: The present study conducted an exhaustive analysis of various supply chain concerns, including claims, losses, and delays, spanning a period of four years. Subsequently, a comprehensive inventory of risks was compiled. In this particular case, a total of 20 unique concerns were identified.

Step 2—Factors setting: The criteria for evaluating each factor, specifically Occurrence, Severity, and Detection, are presented in

Table A1. Criteria for evaluating the frequency of Occurrence of logistic defects at incoming.

Probability of Occurrence	Occurrence Definition	Score
Never	Never	1
Unlikely	Once a year	2
Very low	Once a month	3
Low	Once a week	4
Medium	Once a day	5
Medium high	Daily 2–4 time	6
Important	Daily 5–10 time	7
Very important	Once in an hour	8
Very very important	Hourly 2–4 time	9
Extremely important	Hourly more than 6 time	10

,

Table A2. Criteria for evaluating the severity of the logistic failure defects.

Severity of Failure	Severity Ranking	Score
No discernible effect	No discernible effect	1
Slight inconvenience in logistic process	Alarm at SCM	2
Can cause short stops	Red alarm at SCM	3
Can cause considerable stops in process	Can cause written remark	4
Small stops at Tier1	Warning from Tier1	5
Several small stops at Tier1	Escalation by Tier1	6
Serious stops at Tier1	Red alarm at Tier1	7
Delay at final customer	Escalation start from final customer	8
Small stops at final customer	Emergency at final customer	9
Serious stop at final customer	Stop final customer	10

, and

Table A3. Criteria for assessing the detection of defects.

Probability of Detection	Detection Effect	Score
Automatic detection	No effect	1
Extremely Easy detection	Easy to detect	2
Very high probability	Small delays	3
High probability	Detected delays	4
Medium	Late deliveries	5
Little	Several late deliveries	6
Very little	Line stops	7
Hard to detect	Several line stops	8
Extremely high	Customer stop	9
Undetectable	End customer stop	10

, respectively. These tables may be found in the Appendix A.

Step 3—Risk assessment: The findings of the FMEA analysis, considering the aforementioned criteria, are presented in Table A6. The result was generated by employing both the previous FMEA standard, which solely considered the initial three factors (Occurrence, Severity, and Detectability), and the present FMEA standard which includes the AP (Action Priority) levels.

Table A6 illustrates three factors that are insufficient in appropriately highlighting the true level of threat. This is the reason why certain authors and researchers have started incorporating supplementary variables (such as performing analysis with four or five components).

The upper echelons of management within this EMS company were engaged in consultation, resulting in the selection of two more factors, namely control and cost.

The cost refers to the estimated financial impact incurred due to errors or inefficiencies in handling or logistics. Within the realm of literature, this particular element is commonly referred to as “Value”.

The second factor is the Control factor, which assesses the feasibility and effectiveness of controlling, preventing, or mitigating a process, and determines the extent to which it can be achieved. Please refer to

Table A4. Criteria for evaluating the cost of logistic defects.

Probability of Cost	Cost Definition	Score
Never	No cost	1
Very small	Non-significant	2
Small	Tens of €	3
Low	Hundreds of €	4
Medium low	1–2 k€	5
Medium	2–5 k€	6
Significant	5–10 k€	7
High	10–25 k€	8
Very High	25–100 k€	9
Extremely high	Over 100 k€	10

and

Table A5. Criteria for evaluating the controllability of logistic defects.

Probability of Control	Control Definition	Score
Fully controlled	No attention required	1
Exceedingly simple to control	Needs small attention	2
Simple to control	Attention	3
Gap in control	Easy re-planning	4
Several gaps in control	Re-planning	5
Serious gaps in control	Fast reaction	6
Difficult to control	Several fast reactions	7
Very difficult to control	Difficult	8
Partially out of control	Very difficult	9
Completely out of control	Impossible	10

for a comprehensive overview of the established evaluation criteria pertaining to the supplementary components.

Step 4—Set aggregation methods: The present set of factors include Severity, Occurrence, Detectability, Cost, and Control. The next step involves the selection of the aggregating functions that we intend to utilize for the purpose of analysis. The standard FMEA will be utilized as a fundamental framework and point of comparison. Additional aggregating functions that will be employed encompass Multiplication, Average, Sum, and Euclidean Distance, augmented with Fuzzy. These functions consist of five elements and are all encompassed inside the TREF technique. All of these topics are addressed in Section 2.2.

The fuzzyfication function, depicted in Figure 1, is consistent across all five failure factors, namely severity, occurrence, detectability, cost, and controllability. With the exception of the initial and final functions, each function possesses a range in which its value is non-zero, and the midpoint is denoted. The variable $Midk$ represents the midpoint, while k denotes the number of linguistic variables utilized to describe each failure. In all instances, the membership function takes on values inside the range of 0 to 1. Here, $A_k$ represents the count of non-zero elements in $kS$, $kO$, and $kD$. The variables S, O, D, Cs, and Cn are used to denote the severity, occurrence, detection, cost, and controllability, respectively.

Step 5—Evaluate the risk with each method: The risk level can be determined by employing each of the six aggregating functions.

Step 6—Order the results via TOPSIS method and by the experts: The outcomes of the aggregation functions are presented in this order, employing two distinct methods: TOPSIS and the expert group.

The determination of the ranking by the TOPSIS method, employing the weight technique. The symbol $k_i$ represents the average value of the membership function, with i denoting the factors S, O, D, Cs, and Cn. Upon doing risk analysis using the aforementioned six risk analysis functions, the resulting risk values are calculated and subsequently arranged in a certain order. This process enables the risk analysis functions to be compared with one another, marking the completion of Step 6. The ranking outcomes are displayed in

Table 1. A detail from the ranking matrix composed from the standard FMEA, TREF Multiplicative, Tref Average, TREF Median, TREF Distance, and TREF Fuzzy functions—the last 5 evaluations were made using 5 factors.

No	R. FMEA	R. TREF Multi	R. TREF Aver	R. TREF Medi	R. TREF Dist	R. TREF Fuzzy
1	1	15	15	17	14	17
2	2	17	17	18	17	8
3	3	18	18	19	18	9
4	5	13	14	14	16	7
5	4	19	19	20	19	16
6	19	20	20	16	20	20
7	18	16	16	15	15	13
8	9	7	7	7	7	15
9	10	5	5	5	4	2
10	6	1	1	2	1	3
11	11	6	6	6	5	11
12	7	3	3	3	6	14
13	12	14	13	13	12	12

below:

The subsequent results are presented herein upon inputting all the data into R’s TOPSIS analysis program [44] with uniform weights, while considering the assessment of impacts (see

Table 2. Ranking of methods using TOPSIS without considering the weights.

Alt. Row	Name	Score	Rank
1	FMEA	0.6308374	1
2	TREF Multi	0.4312619	4
3	TREF Aver	0.4338759	3
4	TREF Medi	0.4414542	2
5	TREF Dist	0.4132224	5
6	TREF FMEA	0.2516496	6

):

To illustrate the potential outcome in the absence of an expert-established importance matrix, a random impact matrix was employed, yielding the following result (see

Table A8. Random evaluation of impacts in all risk cases.

No	C1	C2	C3	C4	C5	C6	C7	C8	C9	C10	C11	C12	C13	C14	C15	C16	C17	C18	C19	C20
Eval	+	−	+	−	+	−	+	−	+	−	+	−	+	−	+	−	+	−	+	−

). The highest rank (6) gives the best result.

Step 7—Evaluation and validation: The ranking effect matrix (Table A7) and the impact matrix (Table A9) were generated by expert members using their respective scores.

Table 3. Ranking of methods using TOPSIS with weights.

Alt. Row	Name	Score	Rank
1	FMEA	0.5959322	1
2	TREF Multi	0.5529383	3
3	TREF Aver	0.5538219	2
4	TREF Medi	0.5418204	4
5	TREF Dist	0.5364203	5
6	TREF FMEA	0.1567300	6

displays the outcomes obtained from employing the matrices indicated earlier as weight and impact in the TOPSIS analysis program implemented in R [44].

In this scenario, the highest rank also yields the most optimal outcome.

This ordering is the same as the ordering made by experts.

The observation reveals that both the ordering obtained with the random impact matrix (refer to Table 2) and the ordering generated with the weighted impact matrix (refer to Table 3) indicate optimal aggregation function no. 6, namely the TREF FMEA.

5. Discussion and Result

The ranking of the several aggregation approaches, ranging from the riskiest (method 1) to the safest (method 6), is provided in Table 3. The finding that the basic FMEA with only three variables ranks as the riskiest is not unexpected, as experts emphasize the significance of two additional factors, namely Cost and Control, which are deemed highly important and justified.

The ranking of the remaining five risk aggregation methods, which consider five factors as input and employ multiplicative, average, median, modified Euclidean distance, and fuzzy functions, is very interesting.

The utilization of the frequency perspective in the assessment process can prove to be useful. The Crystal Ball (https://www.oracle.com/applications/crystalball/, accessed on 24 November 2023) application developed by Oracle, which is an add-in for Microsoft Excel, was employed for this purpose. For the examination of three variables, specifically for the conventional FMEA, the trial number was established at 10,000. In this particular case, the sensitivity for each element was $33.3\%$. In the case of evaluating five factors, the trial numbers were set to 100,000 to achieve equal sensitivity for each element, with each factor accounting for 20% of the total.

The figures that were generated to illustrate the distribution of frequencies and values are presented in Figure 5.

A comprehensive summary of the simulations conducted using Oracle’s Crystal Ball is provided in

Table 4. Characteristics of different aggregation methods for 5 factors including the standard FMEA with 3 factors.

Item	FMEA	TREF Multi	TREF Aver	TREF Median	TREF EucDist	TREF Fuzzy
Factors	3	5	5	5	5	5
Skewness	1.66	3.34	−0.0025	−0.003	−0.32	3.28
Kurtosis	5.77	18.84	2.36	2.37	3.02	17.91
Min	1	1	1	1	2	8
Max	1000	100,000	10	10	22	77,348

.

The Skewness in Table 4 pertains to the absence of symmetry in the dataset, whereas the Kurtosis assesses whether the data exhibit heavy (positive values) or light (negative values) tails relative to a normal distribution.

Upon examination of the simulation figure (Figure 5), it is evident that:

• The results obtained via the Multiplication Aggregation Method, as depicted in Figure 5b, exhibit a level of comparability to those obtained from a conventional FMEA. However, it should be noted that the former method involved the consideration of five components, whereas the latter method typically considers three components. The linearity of the Multiplication technique and the standard FMEA is commendable. Consequently, the outcome for a scenario including n factors will yield a range of $[1,{10}^n]\in \mathbb{N}$ for each factor, where the range of each factor is $[1,10]\in \mathbb{N}$. The concerns of FMEA are equally relevant in this particular case.
• The input range and output range for the Average aggregate in Figure 5c are identical, spanning from 1 to 10. This method demonstrates strong linearity. The presence of extreme values can pose challenges in some scenarios. In that case, if one factor attains its maximum value and the remaining factors maintain low values, the resulting output will nevertheless fall below the midpoint of the output range. In this particular scenario, the presence of low-value components effectively mitigates the impact of any extreme values, hence impeding the identification and analysis of potential risks.
• The Median aggregation yields the lowest Skewness score, as depicted in Figure 5d, suggesting that the data exhibits a high degree of symmetry. The Kurtosis score of our dataset is rather low, suggesting a moderate level of customization in the data. This situation bears a resemblance to the Average aggregation approach.
• The linearity is only average and the computation is challenging in the case of the Euclidean distance (generalized) aggregate (see Figure 5e). Interpretation is challenging in n-dimensional space where $n>3,n\in \mathbb{N}$. In the case of n factors, the output will be $[\sqrt{n},10\sqrt{n}]\in {\mathbb{R}}^{+}$ for each factor’s range of values of $[1,10]\in \mathbb{N}$. The linearity of the Euclidean distance (generalized) aggregate is only average, and its computation is problematic, as depicted in Figure 5e.
• The outcome data for the Fuzzy aggregation method (refer to Figure 5f), which is determined by the used membership and defuzzification functions, exhibit similarities to those of the TREF Multiplication. However, it is important to note that the output consists of just five primary groups (see Figure 1).

In conclusion, it is important to acknowledge that aggregations utilizing multiplication approaches, such as FMEA, generalized TREF Multiplication, and TREF Fuzzy with respect to defuzzification, yield the most unfavorable distribution. However, their significant contributions become essential in situations when elements exhibit elevated levels of risk.

The reason for arranging each output in decreasing order was to ensure that this pattern was accurately represented. The comparative analysis of rank modifications for various aggregation functions is illustrated in Figure 6.

The present graphic depiction of Alluvian representation serves to emphasize the discrepancies in ordering through the comparison of an initial state and a subsequent state. The depiction, however, commences with the conventional outcomes of the FMEA as a refference, considering the sequential Risk Priority Number (RPN) or output values. Subsequently, it demonstrates the alteration in prioritization of the aforementioned risk subsequent to the implementation of the novel aggregate function. The final diagram encompasses a triple figure that visually represents the transition from the conventional FMEA to the enhanced FMEA incorporating risk levels. This diagram enables readers to discern the differences between the two approaches. Additionally, the diagram includes the TREF Multiplicative, which functions as a comprehensive representation of various components. Please refer to Figure 6e for further details.

The comparison between the conventional FMEA and the TREF Fuzzy method depicted in Figure 6b holds significant importance in this study as it demonstrates the optimal results achieved by the utilization of the TREF Fuzzy aggregation function, as indicated in Table 3. The outcome was validated by the team of experts.

Outcome: The results obtained from this approach have been implemented, following the PDCA model (see Figure 3), and are presently under close scrutiny. If a new type of failure or unforeseen outcomes arise, the analysis will be repeated. After a period of six months of usage, no variation has been seen.

Remark: The purpose of this paper is to provide a comprehensive guide for the identification of risks connected with Supply Chain Management (SCM). Its objective is to facilitate a thorough understanding of various risk variables and their corresponding significance. This document imposes some limitations, with the exception of donations. The process of prioritizing risks is contingent upon the thorough examination, evaluation, and distinctive perspectives that have surfaced pertaining to the manufacturing facility in question, and at the specific moment of the expert’s deliberation. Consequently, a hasty method has the potential to significantly undermine the precision and reliability of the investigation.

6. Summary

On the basis of the data in Table 3 and Table 4, and Figure 6b it is possible to conclude that the introduction of the two new factors substantially prolonged the identification of actual risks, i.e., risks that cause substantial damage emerged. The methodology that was demonstrated, as well as explained in the Case Study, is readily implementable by SCM decision-makers. This aids them in identifying the fundamental risks that require preparation and consequently facilitates the identification of such risks. The comprehensive exposition of the method’s implementation steps in the case study renders them universal, and applicable to sectors and industries beyond supply chain management.